Vulnerability Details : CVE-2006-0459
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2006-0459
- cpe:2.3:a:westes:flex:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0459
- 3.97%: Probability of exploitation activity in the next 30 days
- ~88%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0459
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
CWE ids for CVE-2006-0459
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2006-0459
- Red Hat, 2006-08-16: This issue only affects parsers which are generated by grammars which either use REJECT or rules with a variable trailing context (in these rules the parser has to keep all backtracking paths). The Red Hat Security Response Team analysed all packages that include flex generated parsers in Red Hat Enterprise Linux (2.1, 3, and 4) and found none were vulnerable.
References for CVE-2006-0459
- http://secunia.com/advisories/19071
  About Secunia Research | Flexera (Patch; Vendor Advisory)
- http://secunia.com/advisories/19126
  About Secunia Research | Flexera (Vendor Advisory)
- http://sourceforge.net/mailarchive/forum.php?thread_name=20060223020346.GA11231%40tabitha.home.tldz.org&forum_name=flex-announce
  Thread: [Flex-announce] flex 2.5.33 released | flex: the fast lexical analyser (Release Notes)
- http://www.securityfocus.com/bid/16896
  (Patch; Third Party Advisory; VDB Entry)
- http://securityreason.com/securityalert/570
  flex: Potential insecure code generation - CXSecurity.com (Third Party Advisory)
- https://usn.ubuntu.com/260-1/
  404: Page not found | Ubuntu (Third Party Advisory)
- http://www.us.debian.org/security/2006/dsa-1020
  (Patch; Vendor Advisory)
- http://www.gentoo.org/security/en/glsa/glsa-200603-07.xml
  flex: Potential insecure code generation (GLSA 200603-07) — Gentoo security (Third Party Advisory)
- http://www.vupen.com/english/advisories/2006/0770
  Webmail: access your OVH emails on ovhcloud.com | OVHcloud (Broken Link; URL Repurposed)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24995
  Flex lexicographical scanner class buffer overflow CVE-2006-0459 Vulnerability Report (VDB Entry)
- http://secunia.com/advisories/19228
  About Secunia Research | Flexera (Vendor Advisory)
- http://prdownloads.sourceforge.net/flex/flex-2.5.33.tar.bz2?download
  flex: the fast lexical analyser - Browse Files at SourceForge.net (Product)
- http://secunia.com/advisories/19424
  About Secunia Research | Flexera (Patch; Vendor Advisory)
- http://www.osvdb.org/23440
  404 Not Found (Broken Link; Patch)